Table Of Contents
- Part 1 – The Domain
- Part 2 – DNS
- Part 3 – DHCP
- Part 4 – AD OUs, Groups And Users
- Part 5 – Certificate Authority
- Part 6 – WSUS
- Part 7 – Central GPO Store
- Part 8 – SQL Server
- Part 9 – MDT With Chocolatey Integration
I need a certificate authority (CA) for several things in my labs. E.g. for a SSL secured Citrix Storefront base URL – load balanced by a Netscaler. Only a few PowerShell commands are necessary to set up an AD integrated CA with the web enrollment component.
$CACommonName => You have to give the CA a name, mine is “dominik-lab-CA”.
$HashAlgorithmName => The default hash algorithm is SHA1 and this is normally enough for a lab, but Google Chrome doesn’t like SHA1 and you won’t get that nice green https in your address bar:
Therefore I choose SHA256 instead. SHA512 is also possible but there are some rumors that there are problems with Netscaler VPX which I use in my lab.
$Keylength => Next is key length. Most of the Citrix and VMware products require a key length of 2048 bits so I choose this.
$PeriodOfValidity => The default period of validity is two years – I prefer five years instead (although my lab will never get that old 😉 )
Your Server Manager should look like this when the script has finished: